Code security and secret scanning insights for your enterprise (public beta)

May 23, 2024

Gain valuable insights and effectively monitor your enterprise’s security landscape and progress with two new enterprise-level pages: the security overview dashboard and secret scanning metrics.

New overview dashboard on the security tab at the organization level

Key features

Customizable filters: Select specific time periods and focus areas such as security tool, team, or custom repository property.
Comprehensive data: Trending and snapshot data provide a robust security landscape overview.
Detailed metrics: Includes metrics such as the average age of security alerts, mean time to remediate, and push protection statistics.

To access these new enterprise-level views, navigate to your enterprise account. In the enterprise account sidebar, click Code Security. The new pages are accessible to organization owners and organization security managers, with data scoped to the repositories and alerts you have access to.

These two pages are now available as a public beta on GitHub Enterprise Cloud and will be available in GitHub Enterprise Server 3.14.

Learn more about security overview, managing code security for your enterprise, and send us your feedback

Questions or suggestions? Join the conversation in the community discussion.

Compliance Reports for Free and Team Organizations

May 22, 2024

All organization owners now have access to a Compliance tab within their organization’s settings page. This page has been available for all organizations on the GitHub Enterprise plan, but is now extended to organizations on the Free and Team plans as well.

To access the latest compliance and certification reports for your organization, navigate to https://github.com/organizations/<yourorganization>/settings/compliance. The reports you can expect to see for an organization on a Free or Team plan will be SOC 3, ISO/IEC 27001:2013 certification, and CSA CAIQ.

To learn more, read about accessing compliance reports for your organization.

See more See more

Copilot Extensions now in Limited Public Beta

May 21, 2024

copilot

GitHub Copilot Extensions Limited Beta announcement

GitHub Copilot Extensions is now in Limited Public Beta. With extensions, you can now extend the capabilities of GitHub Copilot Chat and enhance the experience to perform a wide range of actions across third-party tools, services, and data. Create feature flags, check log errors, access API documentation, and even deploy your application to the cloud all through natural language.

We’re starting with GitHub Copilot Extensions from DataStax, Docker, Lambda Test, LaunchDarkly, McKinsey & Company, Octopus Deploy, Pangea, Pinecone, Product Science, ReadMe, Sentry, and Teams Toolkit on the GitHub Marketplace. In the coming weeks, all users will be able to access extensions from Stripe, MongoDB, and Microsoft (including Teams Toolkit and Office) on Visual Studio Marketplace for VS Code as well.

Sixteen GitHub Copilot Extensions from GitHub Copilot partners laid out as grid of tiles

Currently, access to Copilot Extensions is limited to a small set of users and we are planning to gradually roll out larger-scale access as we learn more & gather feedback. To learn more about Copilot Extensions and how to use them, check out the documentation and the GitHub Marketplace.

If you’re looking to build a GitHub Copilot Extension, there are several ways. Join the Copilot Partner Program to explore opportunities to bring your developer tools and services into the GitHub Copilot ecosystem and have extensions light up across all supported clients (VS Code, Visual Studio, and Github.com). If you’re looking to build a VS Code extension specifically, documentation is available here.